package com.github.cakin.shiro.chapter22.jcaptcha;

import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

/**
 * @className: MyFormAuthenticationFilter
 * @description: 当验证码验证失败时不再走身份认证拦截器
 * @date: 2020/5/30
 * @author: cakin
 */
public class MyFormAuthenticationFilter extends FormAuthenticationFilter {

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
        // 当验证码验证失败时不再走身份认证拦截器
        if(request.getAttribute(getFailureKeyAttribute()) != null) {
            return true;
        }
        return super.onAccessDenied(request, response, mappedValue);
    }
}
